On Tuesday, July 28, Magento Commerce and Magento Commerce Open Source 2.4 will be released with General Availability. This release will include important updates to security, quality, and platform technologies along with several new capabilities. ITDWX suggest to upgrade to this new version or patch your current 2.3.5 version with the latest Security-only patch, 2.3.5-p2 – releasing on the same day.
Due to the high number of Covid-19 infections businesses keeping the work-from-home scheme – but digital attacks are targeting them. The most common attacked targets are customer or admin login pages.
The Magento Developer team are responding to the growing threat by supporting (and in some cases requiring) 2FA across multiple areas of the Magento Commerce ecosystem. Two factor authentication is a key industry standard to protect your digital storefront against attacks that target the account login. Using 2FA security will better protect you and your clients from malicious outsiders attempting to perform unauthorized logins at three different points of entry to Magento Commerce:
– Services that use your Magento.com credentials such as My Account or the Magento Commerce Help Center.
– Accessing the cloud admin using SSH, and the Magento Commerce Admin.
Beginning with the release of 2.4, 2FA will be enabled by default for the Magento Commerce Admin and cannot be disabled. After upgrading, Admin users must configure 2FA before logging in.
ITDWX Team are working from home and safe – and we can help you to install the new version or upgrade it once it’s been released. Get in touch and ask our experts!